Documente Academic
Documente Profesional
Documente Cultură
Developer Guide
API Version 2015-01-01
Table of Contents
What Is Amazon Elasticsearch Service? ............................................................................................ 1
Features of Amazon Elasticsearch Service ................................................................................ 1
How to Get Started with Amazon Elasticsearch Service ............................................................... 2
Signing Up for AWS ....................................................................................................... 3
Accessing Amazon Elasticsearch Service .......................................................................... 3
Regions and Endpoints .................................................................................................. 4
Scaling ........................................................................................................................ 4
Signing Requests .......................................................................................................... 5
Choosing an Instance Type ............................................................................................. 5
Using Amazon EBS Volumes for Storage ........................................................................... 6
Related Services ................................................................................................................... 6
Pricing for Amazon Elasticsearch Service .................................................................................. 7
Getting Started with Amazon ES Domains ......................................................................................... 8
Step 1: Signing Up for AWS ..................................................................................................... 8
Step 2: Creating an Amazon ES Domain ................................................................................... 9
Step 3: Configuring Access Policies for a Domain ...................................................................... 11
Step 4: Uploading Data for Indexing ........................................................................................ 12
Step 5: Searching Documents from an Amazon ES Domain ........................................................ 13
Step 6: Deleting an Amazon ES Domain .................................................................................. 13
Creating and Configuring Amazon ES Domains ................................................................................ 15
Creating Amazon ES Domains ............................................................................................... 15
Creating Amazon ES Domains (Console) ......................................................................... 15
Creating Amazon ES Domains (AWS CLI) ....................................................................... 17
Creating Amazon ES Domains (AWS SDKs) .................................................................... 19
Configuring Amazon ES Domains ........................................................................................... 20
Configuring Amazon ES Domains (Console) ..................................................................... 20
Configuring Amazon ES Domains (AWS CLI) ................................................................... 21
Configuring Amazon ES Domains (AWS SDKs) ................................................................ 23
Configuring EBS-based Storage ............................................................................................. 23
Configuring EBS-based Storage (Console) ....................................................................... 23
Configuring EBS-based Storage (AWS CLI) ..................................................................... 24
Configuring EBS-based Storage (AWS SDKs) .................................................................. 26
Configuring Access Policies .................................................................................................. 26
Configuring Access Policies (Console) ............................................................................. 26
Configuring Access Policies (AWS CLI) ........................................................................... 27
Configuring Access Policies (AWS SDKs) ........................................................................ 30
Configuring Snapshots ......................................................................................................... 31
Configuring Snapshots (Console) ................................................................................... 31
Configuring Snapshots (AWS CLI) .................................................................................. 31
Configuring Snapshots (AWS SDKs) ............................................................................... 32
Configuring Advanced Options ............................................................................................... 32
Configuring Advanced Options (Console) ......................................................................... 32
Configuring Advanced Options (AWS CLI) ....................................................................... 32
Configuring Advanced Options (AWS SDKs) .................................................................... 33
Managing Amazon ES Domains ..................................................................................................... 34
About Dedicated Master Nodes .............................................................................................. 34
Enabling Zone Awareness (Console) ....................................................................................... 36
Working with Manual Index Snapshots (AWS CLI) ..................................................................... 37
Snapshot Prerequisites ................................................................................................. 38
Registering a Snapshot Directory ................................................................................... 40
Taking and Restoring Manual Snapshots ......................................................................... 41
Monitoring Cluster Metrics and Statistics with Amazon CloudWatch (Console) ................................ 42
Cluster Metrics ............................................................................................................ 43
Dedicated Master Node Metrics ..................................................................................... 45
EBS Volume Metrics ..................................................................................................... 45
API Version 2015-01-01
iii
47
48
48
49
49
51
52
52
53
54
55
56
56
59
60
62
62
63
64
64
64
65
65
66
66
66
67
67
68
69
70
71
71
72
73
76
78
79
82
84
85
86
90
90
91
91
91
92
92
92
93
93
94
95
96
96
97
97
SnapshotOptions ......................................................................................................... 97
SnapshotOptionsStatus ................................................................................................ 98
Tag ........................................................................................................................... 98
TagKey ...................................................................................................................... 98
TagList ....................................................................................................................... 98
TagValue .................................................................................................................... 98
Errors ................................................................................................................................ 99
Amazon Elasticsearch Service Limits ............................................................................................ 100
Document History ...................................................................................................................... 103
AWS Glossary ........................................................................................................................... 104
Security
Node monitoring
You can deploy an Amazon ES cluster in minutes using the AWS Mangement Console. There are no
upfront costs to set up Amazon ES clusters, and you pay only for the service resources that you use.
/_cluster/stats
/_percolate
/_aliases
/_count
/_refresh
/_all
/_flush
/_search
/_analyze
/_mapping
/_snapshot
/_bulk
/_mget
/_stats
/_cat
/_msearch
/_status
/_cluster/health
/_nodes
/_template
/_plugin/kibana3
indices.breaker.request.limit
indices.breaker.total.limit
Note
The /_cluster/settings operation does not support the HTTP GET method. You can set
three cluster settings, but cannot retrieve them.
For more information about Elasticsearch APIs, see the Elasticsearch documentation.
For example, aes.us-east-1.amazonaws.com. For a list of supported regions, see Regions and
Endpoints in the AWS General Reference.
Amazon ES provides a single service endpoint for both search and data services:
http://search-domainname-domainid.us-east-1.aes.amazonaws.com
A domain's search endpoint is used to upload data and submit search requests.
Scaling Guidelines
Use the following guidelines to scale for both increased data quantity and data size:
t2.small.elasticsearch
t2.medium.elasticsearch
m3.medium.elasticsearch
m3.large.elasticsearch
m3.xlarge.elasticsearch
m3.2xlarge.elasticsearch
r3.large.elasticsearch
r3.xlarge.elasticsearch
r3.2xlarge.elasticsearch
r3.4xlarge.elasticsearch
r3.8xlarge.elasticsearch
i2.xlarge.elasticsearch
i2.2xlarge.elasticsearch
Note
All r3 and i2 instance types are not supported in the sa-east-1 region.
For more information, see Instance Types in the Amazon EC2 documentation.
Related Services
Amazon Elasticsearch Service is commonly used with the following services:
AWS CloudTrail
Use AWS CloudTrail to get a history of the Amazon Elasticsearch Service API calls and related
events for your account. CloudTrail is a web service that records API calls from your accounts and
delivers the resulting log files to your Amazon S3 bucket.You can also use CloudTrail to track changes
that were made to your AWS resources. For more information, see Auditing Amazon ES Domains
with CloudTrail (p. 47).
Amazon CloudWatch
An Amazon ES domain automatically sends metrics to Amazon CloudWatch so that you can gather
and analyze performance statistics. You can monitor these metrics by using the AWS CLI or the
AWS SDKs. For more information, see Monitoring Cluster Metrics and Statistics with Amazon
CloudWatch (Console) (p. 42).
Amazon Kinesis
Amazon Kinesis is a managed service that scales elastically for real-time processing of streaming
data at a massive scale. Amazon Elasticsearch Service provides Lambda sample code for integration
with Kinesis. For more information, see Streaming Data to Amazon ES From Amazon Kinesis (p. 59).
Amazon S3
Amazon Simple Storage Service (Amazon S3) is storage for the Internet. You can use Amazon S3
to store and retrieve any amount of data at any time, from anywhere on the web. Amazon Elasticsearch
Service provides Lambda sample code for integration with S3. For more information, see Streaming
Data to Amazon ES From Amazon S3 (p. 56).
AWS IAM
AWS Identity and Access Management (IAM) is a web service that you can use to manage users
and user permissions in AWS. Use AWS IAM to create user-based access policies for your Amazon
ES domains. See the IAM documentation for more information about using IAM to create user polices.
Amazon ES integrates with the following services to provide data ingestion:
AWS Lambda
AWS Lambda is a zero-administration compute platform for back-end web developers that runs your
code in the AWS cloud and provides you with a fine-grained pricing structure. Amazon ES provides
sample code to run on Lambda that integrates with Amazon Kinesis and Amazon S3. For more
information, see Streaming Data to Amazon ES (p. 55).
Amazon DynamoDB
Amazon DynamoDB is a fully managed NoSQL database service that provides fast and predictable
performance with seamless scalability. Amazon ES provides a Logstash plugin to support DynamoDB
Streams and sign AWS service requests.
For information about installing and setting up the AWS CLI, see the AWS Command Line Interface User
Guide.
Note
You must use the AWS CLI version 1.8.9 or later. To see which version of the AWS CLI you
have installed, run the aws command with the --version option: aws --version.
For console access, use your IAM user name and password to sign in to the AWS Management Console
using the IAM sign-in page. IAM lets you securely control access to AWS services and resources in your
AWS account. For more information about creating access keys, see How Do I Get Security Credentials?
in the AWS General Reference.
3.
Follow the instructions to sign up. You will need to enter payment information before you can begin
using Amazon Elasticsearch Service.
7.
8.
For EBS volume type, choose the external storage type. For more information, see Amazon
EBS Volume Types.
2.
For EBS volume size, type the size of the external storage in GB for each data node.
Calculate the total amount of EBS-based storage for the Amazon ES domain using the following
formula: (number of data nodes) * (EBS volume size).
9.
For Automated snapshot start hour, choose the hour of the day when automated snapshots will
be taken.
10. (Optional) Choose Advanced options.
1.
2.
The following command creates an Amazon ES domain named movies with two instances of the
m3.medium.elasticsearch instance type. The domain uses a 100 GB Magnetic disk EBS volume as
storage for each data node:
aws es create-elasticsearch-domain --domain-name movies --elasticsearchcluster-config InstanceType=m3.medium.elasticsearch,InstanceCount=2 --ebsoptionsEBSEnabled=true,VolumeType=standard,VolumeSize=100
The following command creates an Amazon ES domain named movies with five instances of the
m3.large.elasticsearch instance type. The domain uses a 100 GB General Purpose (SSD) EBS
volume as storage for each data node:
aws es create-elasticsearch-domain --domain-name movies --elasticsearchcluster-config InstanceType=m3.large.elasticsearch,InstanceCount=5 --ebsoptions EBSEnabled=true,VolumeType=gp2,VolumeSize=100
The following command creates an Amazon ES domain named movies with ten instances of the
m3.xlarge.elasticsearch instance type. The domain uses a 100 GB Provisioned IOPS (SSD) EBS
volume as storage for each data node and an IOPS value of 1000:
Note
Initializing a domain and its resources takes approximately ten minutes. When initialization is
complete, the endpoint of the domain is available for index and Amazon ES requests.
Use the following command to query the status of the new domain:
aws es describe-elasticsearch-domain --domain movies
4.
Edit your current access policy or select one of the policy templates from Select a template, and then
choose Submit. For more information, see Configuring Access for Amazon ES Domains (p. 26).
The status of your domain changes from Active to Processing. The status must return to Active
before your modified access policy takes effect.
Run the following command to authorize access to the new domain for the movies domain only from
the specified IP addresses:
aws es update-elasticsearch-domain-config --endpoint https://es.us-west1.amazonaws.com --domain-name movies --access-policies '{"Version": "201210-17", "Statement": [{"Action": "es:ESHttp*","Principal":"*","Effect":
"Allow", "Condition": {"IpAddress":{"aws:SourceIp":["192.0.2.0/32"]}}}]}"
Note
Standard clients, such as curl, cannot perform the request signing that is required of identity-based
access policies.You must use an IP address-based access policy that allows anonymous access
to successfully perform the instructions for this step.
Run the following command to add a single document to the movies domain:
curl -XPUT search-movies-4f3nw7eiia2xiynjr55a2nao2y.us-west-1.es.amazon
aws.com/movies/movie/tt0116996 -d '{"directors" : ["Tim Burton"],"genres"
: ["Comedy","Sci-Fi"],"plot" : "The Earth is invaded by Martians with irres
istible weapons and a cruel sense of humor.","title" : "Mars Attacks!","act
ors" : ["Jack Nicholson","Pierce Brosnan","Sarah Jessica Parker"],"year" :
1996},}'
Run the following command to upload multiple documents to the movies domain:
curl -XPOST 'http://search-movies-4f3nw7eiia2xiynjr55a2nao2y.us-west1.es.amazonaws.com/_bulk' --data-binary @bulk_movies.json
Tip
The service supports migrating data from manual snapshots taken on both Amazon ES and
self-managed Elasticsearch clusters. Restoring indices from a self-managed Elasticsearch cluster
is a common way to migrate data into Amazon ES.
Note
Standard clients, such as curl, cannot perform the request signing that is required of identity-based
access policies.You must use an IP address-based access policy that allows anonymous access
to successfully perform the instructions for this step.
To search documents (AWS CLI)
Run the following command to search the movies domain for the word 'nightmare':
curl -XGET 'search-movies-4f3nw7eiia2xiynjr55a2nao2y.us-west-1.es.amazon
aws.com/movies/_search?q=nightmare'
Point your browser to the Kibana plugin for your Amazon ES domain.You can find the Kibana endpoint
on your domain dashboard on the Amazon ES console.
For Search, type your query, and then choose Enter.
2.
3.
4.
5.
Note
Deleting a domain deletes all billable Amazon ES resources. However, manual snapshots of the
domain created with the native Amazon ES API are not deleted. Consider saving a snapshot if
you might need to recreate the Amazon ES domain in the future. If you do not plan to recreate
the domain, you can safely delete any snapshots that you created manually.
To delete an Amazon ES domain (AWS SDKs)
The AWS SDKs (except the Android and iOS SDKs) support all of the actions defined in the Amazon ES
Configuration API Reference (p. 71), including the delete-elasticsearch-domain command. For
more information about installing and using the AWS SDKs, AWS Software Development Kits.
2.
3.
4.
5.
Alternatively, choose Get Started if this is the first Amazon ES domain that you will create for your
AWS account.
On the Name domain page, for Amazon ES domain name, type a name for your new domain, and
then choose Next.
On the Configure cluster page, for Instance type, choose an instance type for the data nodes.
For a list of supported Amazon ES instance types, see the table that describes the
--elasticsearch-cluster-configure option (p. 22) for the AWS CLI.
6.
For Instance count, choose the number of instances that you want.
You can choose up to ten instances for each Amazon ES domain. We recommend that you choose
more than two instances to avoid potential Amazon ES issues, such as the split brain issue. We also
recommend that you have a replica for each index to avoid potential data loss. For more information
about replicas, see Shards and Replicas in the Elasticsearch documentation.
7.
(Optional) If you need to ensure cluster stability, configure a dedicated master node. For more
information, see Using Dedicated Master Nodes (p. 34).
1.
2.
3.
8.
9.
(Optional) To provide high availability for cluster nodes, select the Enable zone awareness check
box.
Zone awareness distributes Amazon ES cluster nodes across two Availability Zones in the same
region. If you enable zone awareness, you also must use the Amazon ES API to replicate your data
for your Amazon ES cluster. For more information, see Using Zone Awareness for High
Availability (p. 36).
For Storage type, choose either Instance (the default) or EBS.
Use an EBS volume for storage rather than the storage attached to the selected instance type if your
Amazon ES domain requires more storage. Domains with very large indices or large numbers of
indices often benefit from the increased storage capacity of EBS volumes. If you choose EBS, the
following fields appear.
1.
2.
If you choose Provisioned IOPS (SSD) for the EBS volume type, for Provisioned IOPS,
type the baseline IOPS performance that you want.
For EBS volume size, type the size of the EBS volume that you want to attach to each data
node.
Calculate the total amount of EBS-based storage for the Amazon ES domain using the following
formula: (number of data nodes) * (EBS volume size). For more information about supported
EBS volume types and sizes, see Configuring EBS-based Storage (p. 23). The minimum and
maximum size of an EBS volume depends on both the specified EBS volume type and the
instance type to which it is attached. For specific limits, see the EBS Resource (p. 101) table in
Amazon Elasticsearch Service Limits in this guide.
10. For Automated snapshot start hour, choose the hour for automated daily snapshots of domain
indices.
By default, the service takes an automated snapshot within an hour of midnight.
11. (Optional) Choose Advanced options.
1.
2.
Note
New domains take up to ten minutes to initialize. After your domain is initialized, you can upload
data and make changes to the domain.
[--snapshot-options <value>]
[--advanced-options <value>]
[--cli-input-json <value>]
[--generate-cli-skeleton]
The following table provides more information about each of the optional parameters.
Optional Parameters
Parameter
Description
--elasticsearch-clusterconfig
Specifies the instance type and count of the new domain, whether
zone awareness is enabled, and whether the domain uses a dedicated master node. Dedicated master nodes improve cluster stability. For more information, see Configuring an Amazon ES
Cluster (p. 21).
--ebs-options
--access-policies
Specifies the access policy for the new domain. For more information, see Configuring Access Policies (p. 27).
--snapshot-options
Specifies the hour in UTC during which the service performs a daily
automated snapshot of the indices in the new domain. The default
value is 0, or midnight, which means that the snapshot is taken
anytime between midnight and 1 am. For more information, see
Configuring Automated Index Snapshots (p. 31).
--advanced-options
--generate-cli-skeleton
--cli-input-json
Specifies the name of a JSON file that contains a set of CLI parameters. For more information, see Generate CLI Skeleton and CLI
Input JSON Parameters in the AWS Command Line Interface User
Guide.
Examples
The first example demonstrates the following Amazon ES domain configuration:
Creates an Amazon ES domain named weblogs
Populates the domain with two instances of the m3.medium.elasticsearch instance type
Uses a 100 GB Magnetic disk EBS volume for storage for each data node
Allows anonymous access, but only from a single IP address: 192.0.2.0/32
Note
If you successfully create an Elasticsearch domain, the CLI ignores attempts to create another
domain with same name. The CLI does not report an error.
Note
For information about configuring a domain to use an EBS volume for storage, see Configuring
EBS-based Storage (p. 23).
If you want to change the instance type for data nodes, for Instance type, choose a new instance
type.
If you want to change the instance count, for Instance count, choose an integer from one to
ten.
(Optional) If you want to improve cluster stability, configure a dedicated master node for your
Amazon ES cluster. For more information, see Using Dedicated Master Nodes (p. 34).
1.
2.
3.
For Dedicated master instance count, choose the number of instances for the dedicated
master node.
We recommend choosing an odd number of instances to avoid potential Amazon ES issues,
such as the split brain issue. The default and recommended number is three. This number
counts toward the ten instance limit for your Amazon ES domain.
4.
5.
6.
If you want to change the status of zone awareness, select the Enable zone awareness check
box.
If you want to change the hour during which the service takes automated daily snapshots of the
primary index shards of your Amazon ES domain, for Automated snapshot start hour choose
an integer.
Choose Advanced options.
1.
2.
3.
6.
Choose Submit.
Note
Do not include spaces between parameters for the same option.
Valid Values
Description
InstanceType
InstanceCount
Integer
DedicatedMasterEnabled
true or false
DedicatedMasterType
DedicatedMasterCount
Integer
ZoneAwarenessEnabled
true or false
Examples
The following example creates an Amazon ES domain named mylogs with two instances of the
m3.medium.elasticsearch instance type and zone awareness enabled:
aws es create-elasticsearch-domain --domain-name mylogs --elasticsearch-clusterconfig InstanceType=m3.medium.elasticsearch,InstanceCount=2,DedicatedMasterEn
abled=false,ZoneAwarenessEnabled=true
However, you likely will want to reconfigure your new Amazon ES domain as network traffic grows and
as the quantity and size of documents increase. For example, you might decide to use a larger instance
type, use more instances, and enable a dedicated master node. The following example updates the
domain configuration with these changes:
aws es update-elasticsearch-domain-config --domain-name mylogs --elasticsearchcluster-config InstanceType=m3.large.elasticsearch,InstanceCount=3,Dedicated
MasterEnabled=true,DedicatedMasterType=m3.small.elasticsearch,DedicatedMaster
Count=3
Note
When changing an EBS volume type from provisioned IOPS to non-provisioned EBS volume
types, set the IOPS value to 0.
Caution
Currently, if the data node that is attached to an EBS volume fails, the EBS volume also fails.
3.
4.
In the navigation pane, under My domains, choose the domain that you want to configure.
Choose Configure cluster.
5.
6.
7.
If you choose Provisioned IOPS (SSD) for the EBS volume type, for Provisioned IOPS type
the baseline IOPS performance that you want.
For EBS volume size, type the size that you want for the EBS volume.
Calculate the total amount of EBS-based storage for the Amazon ES domain using the following
formula: (number of data nodes) * (EBS volume size). See Amazon Elasticsearch Service Limits (p. 101)
for the minimum and maximum size of EBS volumes.
8.
Choose Submit.
Tip
You must set the IOPS value for a Provisioned IOPS EBS volume to no more than 30 times the
maximum storage of the volume. For example, if your volume has a maximum size of 100 GB,
you may not assign an IOPS value for it that is greater than 3000.
For more information, see Amazon EBS Volumes in the Amazon EC2 documentation. For information
about the maximum size of supported EBS volumes in an Amazon ES domain, see Understanding Amazon
Elasticsearch Service Limits (p. 100).
Parameter
Valid Values
Description
EBSEnabled
true or false
VolumeType
Parameter
Valid Values
Description
VolumeSize
Integer
Specifies the size of the EBS volume for each data node.
The minimum and maximum size of an EBS volume depends on both the specified EBS volume type and the instance type to which it is attached.
Minimum and maximum EBS volume sizes by instance
type:
t2.micro.elasticsearch, t2.small.elasticsearch, t2.medium.elasticsearch
Minimum: 10 GB; Maximum: 35 GB for each data
node
Integer
Tip
We recommend that you do not set the IOPS value for a Provisioned IOPS EBS volume to more
than 30 times the maximum storage of the volume. For example, if your volume has a maximum
size of 100 GB, you should not assign an IOPS value for it that is greater than 3000. For more
information, including use cases for each volume types, see Amazon EBS Volume Types in the
EC2 documentation.
Examples
The following example creates a domain named mylogs with a 10 GB general purpose EBS volume:
API Version 2015-01-01
25
However, you might need a larger EBS volume as the size of your search indices increases. For example,
you might opt for a 100 GB Provisioned IOPS volume with a baseline I/O performance of 3000 IOPS.
The following example updates the domain configuration with those changes:
aws es update-elasticsearch-domain-config --domain-name=mylogs --ebs-options
EBSEnabled=true,VolumeType=io1,VolumeSize=100,IOPS=3000
Description
Resource-based access
policy
IP-based policy
IAM user and role-based ac- Amazon ES also supports access policies based on IAM users and roles.
cess policies
Use the IAM service to specify which users and roles can access the
service and what sub-resources they can use.
3.
4.
In the navigation pane, under My domains, choose the domain that you want to update.
Choose Modify access policy.
5.
6.
Description
This policy is used to restrict anonymous access to a specific IP address or range of IP addresses.
Choose Submit.
Parameter
Valid
Values
Description
--accesspolicies
JSON
Amazon Elasticsearch Service supports all of the policy elements documented in the IAM Policy Elements
Reference, including the most common elements described in the following table.
Valid Values
JSON
Policy Element
Description
Allow or Deny
Effect
Any string
Sid
Valid Values
JSON
Policy Element
Description
Resource
arn:aws:es:<region>:<aws_account_id>:domain:<domain-name>/<sub-resource>
Valid Values
JSON
Policy Element
Description
Principal
IAM users
"Principal":{"AWS": [arn:aws:iam::<aws_account_id>:user/<username>}
Configuring Snapshots
Amazon Elasticsearch Service provides automatic daily snapshots of a domain's primary index shards,
as well as the number of replica shards. By default, the service takes automatic snapshots at midnight,
but you can configure the hour at which this occurs.
Caution
The service stops taking snapshots of Amazon ES indices while the health of a cluster is RED.
Subsequent uploads to indices in a RED cluster, even indices with a health status of GREEN,
could be lost in the event of a cluster failure due to the cessation of snapshots. To prevent loss
of data, return the health of your cluster to GREEN before uploading additional data to any index
in the cluster.
Parameter
Valid Values
Description
AutomatedSnapshotStartHour
Integer
Specifies the hour in UTC during which the
between 0 and service performs a daily automated snapshot
23
of the indices in the new domain. The default
value is 0, or midnight, which means that the
snapshot is taken anytime between midnight
and 1:00 AM.
Example
The following example configures automatic snapshots at 01:00 UTC:
aws es update-elasticsearch-domain-config --domain-name mylogs --region us-east1 --snapshot-options AutomatedSnapshotStartHour=1
7.
For indices.fielddata.cache.size, enter the percentage of Java heap space that is allocated
to field data cache.
Choose Submit.
8.
--advanced-options rest.action.multi.allow_explicit=<true|false>,
indices.fielddata.cache.size=<percentage_heap>
Parameter
Valid Values
Description
--advanced-op- rest.action.multi.allow_explitions
cit=<true|false>, indices.fielddata.cache.size=<percentage_heap>
Example
The following example disables explicit references to indices in the HTTP request bodies and limits the
field data cache to 35 percent of the total Java heap:
aws es update-elasticsearch-domain-config --domain-name mylogs --region us-east-1
--advanced-options rest.action.multi.allow_explicit_index=false,
indices.fielddata.cache.size=35
Tip
We recommend that you allocate three dedicated master nodes for all Amazon ES domains in
production.
Dedicated master nodes perform the following cluster management tasks:
Tracks all nodes in the cluster
Tracks the number of indices in the cluster
Tracks the number of shards belonging to each index
Maintains routing information for nodes in the cluster
Updates the cluster state after state changes, such as index creation and the addition and removal of
nodes in the cluster
Replicates changes to the cluster state across all nodes in the cluster
Monitors the health of all cluster nodes by sending heartbeat signals, or periodic signals that monitor
the availability of the data nodes in the cluster
The following illustration shows an Amazon ES domain with the maximum of ten instances, seven data
nodes, and three dedicated master nodes. Only one of the dedicated master nodes is active; the two
grey dedicated master nodes wait as backup in case the active dedicated master node fails. All data
upload requests are served by the seven data nodes, and all cluster management tasks are offloaded to
the active dedicated master node.
Note
You can submit a support request to exceed the default maximum of ten instances for an Amazon
ES cluster. Contact AWS Support for more information about increasing this and other default
limits.
Because a dedicated master node does not process search and query requests, the instance type chosen
for this role typically does not require a large CPU and memory. Initially, use the m3.medium.elasticsearch
instance type and adjust as necessary. Small Amazon ES clusters with a single index and few index
shards will not benefit from a dedicated master node. We recommend that you avoid allocating dedicated
master nodes for all small and short-lived Amazon ES domains.
To prevent overloading a dedicated master node, you can monitor usage with the CloudWatch metrics
that are shown in the following table. Use a larger instance type for dedicated master nodes when these
metrics reach their respective maximum values.
CloudWatch Metric
Guideline
MasterCPUUtilization
Measures the percentage utilization of the CPU for the dedicated master
nodes. We recommend increasing the size of the instance type when
this metric reaches 60%.
MasterJVMMemoryPressure Measures the percentage utilization of the JVM memory for the dedicated
master nodes. We recommend increasing the size of the instance type
when this metric reaches 85%.
Important
Do not enable zone awareness if your cluster has no replica index shards or is a single node
cluster. Without replica shards and a second node, there are no replicas and nodes to distribute
to a second Availability Zone, and enabling the feature will not provide protection from data loss.
In addition, enabling zone awareness for an Amazon ES cluster slightly increases network
latencies, so we recommend that you do not enable the feature for single-node clusters.
The following illustration shows a four-node cluster with zone awareness enabled. The service places all
the primary index shards in one Availability Zone and all the replica shards in the second Availability
Zone.
Tip
We recommend that Amazon ES domains with zone awareness enabled always contain an even
number of data nodes so that traffic is evenly distributed across both zones.
For more information, see Regions and Availability Zones in the EC2 documentation.
Tip
Manual snapshots provide a convenient way to migrate data across Amazon ES domains and
to recover from failure. For more information, see Restoring to a different cluster in the
Elasticsearch documentation. The service supports restoring indices and creating new indices
from manual snapshots taken on both Amazon ES and self-managed Elasticsearch clusters.
API Version 2015-01-01
37
If you need greater flexibility, you can take snapshots manually and manage them in a snapshot repository,
an S3 bucket. This allows you to address a Red Cluster service error (p. 64) yourself without waiting for
AWS Support to restore the latest automatic snapshot. Your snapshot repository can hold several
snapshots, each identified by a unique name. For a complete description of manual index snapshots with
Amazon ES, see Snapshot and Restore in the Elasticsearch documentation.
Note
If your Elasticsearch domain experiences a Red Cluster (p. 64) error, AWS Support may contact
you to ask if you want to address the problem with your own manual index snapshots, or whether
you want the support team to restore the latest automatic snapshot of the domain. Support will
restore the latest automatic snapshot if you do not respond within seven days.
Snapshot Prerequisites (p. 38)
Registering a Snapshot Directory (p. 40)
Taking and Restoring Manual Snapshots (p. 41)
Snapshot Prerequisites
To create and restore index snapshots manually, you must work with IAM and Amazon S3. Verify that
you have met the following prerequisites before you attempt to take a snapshot.
Prerequisite
Description
S3 bucket
Stores manual snapshots for your Amazon ES domain. For more information, see
Create a Bucket in the Amazon S3 Getting Started Guide.
IAM role
Delegates permissions to Amazon Elasticsearch Service. The trust relationship for the
role must specify Amazon Elasticsearch Service in the Principal statement. The role
type must be Amazon EC2 . For instructions, see Create a Role to Delegate Permissions
to an AWS Service in the IAM documentation. The IAM role is also required to register
your snapshot repository with Amazon ES. Only IAM users with access to this role may
register the snapshot repository. For more information, see Registering a Snapshot
Repository (p. 40).
IAM policy
Specifies the actions that Amazon S3 may perform with your S3 bucket. The policy must
be attached to the IAM role that delegates permissions to Amazon Elasticsearch Service.
The policy must specify an S3 bucket in a Resource statement. For more information,
see Creating Customer Managed Policies and Attaching Managed Policies in the Using
IAM Guide.
S3 Bucket
Make a note of the Amazon Resource Name (ARN) for the S3 bucket where you will store manual
snapshots. You will need it for the following:
Resource statement of the IAM policy attached to your IAM role
Python client used to register a snapshot repository
The following example shows an ARN for an S3 bucket:
arn:aws:s3:::es-index-backups
For more information, see Create a Bucket in the Amazon S3 Getting Started Guide.
IAM Role
The role must specify Amazon Elasticsearch Service, es.amazonaws.com, in a Service statement in
its trust relationship, as shown in the following example:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Principal": {
"Service": "es.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
Note
Only IAM users with access to this role may register the snapshot repository.
For instructions, see Create a Role to Delegate Permissions to an AWS Service in the Using IAM Guide.
IAM Policy
An IAM policy must be attached to the role. The policy must specify the S3 bucket used to store manual
snapshots for your Amazon ES domain. The following example specifies the ARN of the
es-index-backups bucket:
{
"Version":"2012-10-17",
"Statement":[
{
"Action":[
"s3:ListBucket"
],
"Effect":"Allow",
"Resource":[
"arn:aws:s3:::es-index-backups"
]
},
{
"Action":[
"s3:GetObject",
"s3:PutObject",
"s3:DeleteObject",
"iam:PassRole"
],
"Effect":"Allow",
"Resource":[
"arn:aws:s3:::es-index-backups/*"
]
}
]
}
For instructions, see Creating Customer Managed Policies and Attaching Managed Policies in the Using
IAM Guide.
Note
You cannot use curl to perform this operation because it does not support AWS request signing.
Instead, use the sample Python client to register your snapshot directory.
Sample Python Client
Save the following sample Python code as a Python file, such as snapshot.py. Registering the snapshot
directory with the service is a one-time operation. You can use curl to take subsequent snapshots, as
described in Taking a Snapshot Manually (p. 41).
You must update the following in the sample code:
region
The AWS region where you created the snapshot repository
endpoint
The endpoint for your Amazon ES domain
aws_access_key_id
IAM credential
aws_secret_access_key
IAM credential
path
The location of the snapshot repository
Note
The Python client requires the boto package be installed on the computer where you will register
your snapshot repository.
from boto.connection import AWSAuthConnection
class ESConnection(AWSAuthConnection):
def __init__(self, region, **kwargs):
super(ESConnection, self).__init__(**kwargs)
self._set_auth_region_name(region)
self._set_auth_service_name("es")
def _required_auth_capability(self):
return ['hmac-v4']
if __name__ == "__main__":
client = ESConnection(
region='us-east-1',
host='search-weblogs-etrt4mbbu254nsfupy6oiytuz4.us-east-1.es.a9.com',
aws_access_key_id='my-access-key-id',
aws_secret_access_key='my-access-key', is_secure=False)
The following example takes a snapshot named snapshot_1 and stores it in the
weblogs-index-backups snapshot repository:
curl -XPUT 'http://<Elasticsearch_domain_endpoint>/_snapshot/weblogs-indexbackups/snapshot_1'
Note
The time required to take a snapshot increases with the size of the Amazon ES domain.
Long-running snapshot operations commonly encounter the following error: BotoServerError:
504 GATEWAY_TIMEOUT. Typically, you can ignore these errors and wait for the operation to
complete successfully. Use the following command to verify the state of all snapshots of your
domain:
curl -XGET 'http://<Elasticsearch_domain_endpoint>/_snapshot/<snapshot_re
pository>/_all?pretty'
The following example demonstrates how to delete the existing indices for the weblogs domain:
curl -XDELETE 'http://search-weblogs-abcdefghijklmnojiu.us-east-1.a9.com/_all'
2.
The following example restores snapshot_1 from the weblogs-index-backups snapshot repository:
curl -XPOST 'http://search-weblogs-abcdefghijklmnojiu.us-east1.a9.com/_snapshot/weblogs-index-backups/snapshot_1/_restore'
Tip
The service archives the metrics for two weeks before discarding them.
To view configurable statistics for a metric
1.
2.
3.
4.
5.
6.
7.
For a list of relevant statistics for each metric, see the tables in Cluster Metrics (p. 43). Some statistics
are not relevant for a given metric. For example, the Sum statistic is not meaningful for the Nodes
metric.
Choose Update graph.
Cluster Metrics
The service provides the following metrics for clusters.
Tip
Use Amazon CloudWatch to check your cluster metrics if metrics are unavailable in the Amazon
ES console.
Cluster Metric
Description
ClusterStatus.green
ClusterStatus.yellow
Indicates that the primary shards for all indices are allocated to nodes in
a cluster, but the replica shards for at least one index are not. Note that
single node clusters always initialize with this cluster status because there
is no second node to which a replica can be assigned. You can either
increase your node count to obtain a green cluster status, or you can use
the Elasticsearch API to set the number_of_replicas setting for your
index to 0. For more information, see Configuring Amazon ES Domains (p. 20) in this guide and Update Indices Settings in the Elasticsearch documentation.
Relevant statistics: Minimum, Maximum
ClusterStatus.red
Indicates that primary and replica shards of at least one index are not
allocated to nodes in a cluster. A common cause for this state is a lack
of free storage space on one or more of the data nodes in an Elasticsearch cluster. In turn, a lack of free storage space prevents the service
from distributing replica shards to the affected data node or nodes, and
all new indices to start with a red cluster status. To recover, you must
add EBS-based storage to existing data nodes, use larger instance types,
or delete the indices and restore them from a snapshot. See Red Cluster
Status (p. 64) in Handling AWS Service Errors for recovery instructions.
Relevant statistics: Minimum, Maximum
Nodes
SearchableDocuments
DeletedDocuments
Specifies the total number of deleted documents across all indices in the
cluster.
Relevant statistics: Minimum, Maximum, Average
CPUUtilization
Specifies the maximum percentage of CPU resources used for data nodes
in the cluster.
Relevant statistics: Maximum, Average
Cluster Metric
Description
FreeStorageSpace
Specifies the free space, in megabytes, for all data nodes in the cluster.
Amazon ES throws a ClusterBlockException when this metric
reaches 0. To recover, you must either delete indices, add larger instances, or add EBS-based storage to existing instances. For more information, see Configuring Amazon ES Domains (p. 20) and Configuring
EBS Storage (p. 23).
Relevant statistics: Minimum
JVMMemoryPressure
Specifies the maximum percentage of the Java heap used for all data
nodes in the cluster.
Relevant statistics: Maximum
AutomatedSnapshotFailure
The following screenshot shows the cluster metrics described in the preceding table.
Description
MasterCPUUtilization
Specifies the maximum percentage of CPU resources used by the dedicated master nodes. We recommend increasing the size of the instance
type when this metric reaches 60%.
Relevant statistics: Average
MasterFreeStorageSpace
This metric is not relevant and can be ignored. The service does not use
master nodes as data nodes.
MasterJVMMemoryPressure
Specifies the maximum percentage of the Java heap used for all dedicated
master nodes in the cluster. We recommend moving to a larger instance
type when this metric reaches 85%.
Relevant statistics: Maximum
The following screenshot shows the dedicated master nodes metrics described in the preceding table.
Description
ReadLatency
WriteLatency
Description
ReadThroughput
WriteThroughput
DiskQueueDepth
Specifies the number of pending input and output (I/O) requests for an
EBS volume.
Relevant statistics: Minimum, Maximum, Average
ReadIOPS
Specifies the number of input and output (I/O) operations per second for
read operations on EBS volumes.
Relevant statistics: Minimum, Maximum, Average
WriteIOPS
Specifies the number of input and output (I/O) operations per second for
write operations on EBS volumes.
Relevant statistics: Minimum, Maximum, Average
The following screenshot shows the EBS volume metrics described in the preceeding table.
Note
CloudTrail logs events only for configuration-related API calls to Amazon Elasticsearch Service.
Data-related APIs are not logged.
The following example shows a sample CloudTrail log for Amazon Elasticsearch Service:
{
"Records": [
{
"eventVersion": "1.03",
"userIdentity": {
"type": "Root",
"principalId": "000000000000",
"arn": "arn:aws:iam::000000000000:root",
"accountId": "000000000000",
"accessKeyId": "A*****************A"
},
"eventTime": "2015-07-31T21:28:06Z",
"eventSource": "es.amazonaws.com",
"eventName": "CreateElasticsearchDomain",
"awsRegion": "us-east-1",
"sourceIPAddress": "Your IP",
"userAgent": "es/test",
"requestParameters": {
"elasticsearchClusterConfig": {},
"snapshotOptions": {
"automatedSnapshotStartHour": "0"
},
"domainName": "your-domain-name",
"eBSOptions": {
"eBSEnabled": false
}
},
"responseElements": {
"domainStatus": {
"created": true,
"processing": true,
"aRN": "arn:aws:es:us-east-1:000000000000:domain/your-domainname",
"domainId": "000000000000/your-domain-name",
"elasticsearchClusterConfig": {
"zoneAwarenessEnabled": false,
"instanceType": "m3.medium.elasticsearch",
"dedicatedMasterEnabled": false,
"instanceCount": 1
},
"deleted": false,
"domainName": "your-domain-name",
"accessPolicies": "",
"advancedOptions": {
"rest.action.multi.allow_explicit_index": "true"
},
"snapshotOptions": {
"automatedSnapshotStartHour": "0"
},
"eBSOptions": {
"eBSEnabled": false
}
}
},
"requestID": "05dbfc84-37cb-11e5-a2cd-fbc77a4aae72",
"eventID": "c21da94e-f5ed-41a4-8703-9a5f49e2ec85",
"eventType": "AwsApiCall",
"recipientAccountId": "000000000000"
}
]
}
requested action, any parameters, the date and time of the action, and so on. The log entries are not
guaranteed to be in any particular orderthey are not an ordered stack trace of the public API calls.
CloudTrail log files include events for all AWS API calls for your AWS account, not just calls to the Amazon
ES configuration service API. However, you can read the log files and scan for eventSource
es.amazonaws.com. The eventName element contains the name of the configuration service action
that was called.
You must add the http: prefix to your Amazon ES domain endpoint.
Tip
We recommend that you configure an IP-based access policy for the computer that hosts your
local Kibana server. IP-based access policies restrict access to domain resources to one or more
specific IP addresses. IP-based policies can also be configured to allow anonymous access,
which enables you to submit unsigned requests to an Amazon ES domain. For more information,
see Configuring Access Policies (p. 26).
Input
region
Input
Output
protocol
Output
ssl
Output
port
Output
flush_size
Output
By default, Logstash fills a buffer with 5,000 events before sending the entire batch onward. However, if your
documents are large, approaching 100 MB in size, we
recommend configuring flush_size option to a larger
value to prevent the buffer from filling too quickly.
If you increase flush_size, we recommend also setting
the Logstash LS_HEAP_SIZE environment variable to
2048 MB to prevent running out of memory.
See flush_size in the Elasticsearch documentation
for more information.
input{
s3 {
bucket => "wikipedia-stats-log"
access_key_id => "lizards"
secret_access_key => "lollipops"
region => "us-east-1"
}
}
output{
elasticsearch {
host => "search-logs-demo0-cpxczkdpi4bkb4c44g3csyln5a.us-east1.es.a9.com"
protocol => "http"
ssl => true
port => 443
flush_size => 250000
}
}
The following example demonstrates the same configuration, but connects to Amazon ES without SSL
on port 80:
API Version 2015-01-01
50
input{
s3 {
bucket => "wikipedia-stats-log"
access_key_id => "lizards"
secret_access_key => "lollipops"
region => "us-east-1"
}
}
output{
elasticsearch {
host => "search-logs-demo0-cpxczkdpi4bkb4c44g3csyln5a.us-east1.es.a9.com"
protocol => "http"
ssl => false
port => 80
flush_size => 250000
}
}
Note
The service request in the preceding example must be signed. For more information about
signing AWS requests, see Signing Amazon Elasticsearch Service Requests (p. 51). Use the
logstash-output-amazon-es output plugin to sign and export Logstash events to Amazon
Elasticsearch Service. For instructions, see README.md.
Note
Amazon ES provides a Logstash output plugin to sign and export Logstash events to Amazon
Elasticsearch Service. Download the logstash-output-amazon-es plugin and see README.md
for instructions.
Description
Tag key
The tag key is the required name of the tag. Tag keys must be unique for the Amazon
ES domain to which they are attached. See Tag Restrictions for a list of basic restrictions
on tag keys and values.
Tag value
The tag value is an optional string value of the tag. Tag values can be null and do not
have to be unique in a tag set. For example, you can have a key-value pair in a tag
set of project/Trinity and cost-center/Trinity. See Tag Restrictions for a list of basic restrictions on tag keys and values.
Each Amazon ES domain has a tag set, which contains all the tags that are assigned to that Amazon ES
domain. AWS does not automatically set any tags on Amazon ES domains. A tag set can contain as
many as ten tags, or it can be empty. If you add a tag to an Amazon ES domain that has the same key
as an existing tag for a resource, the new value overwrites the old value.
You can use these tags to track costs by grouping expenses for similarly tagged resources. An Amazon
ES domain tag is a name-value pair that you define and associate with an Amazon ES domain. The name
is referred to as the key. You can use tags to assign arbitrary information to an Amazon ES domain. A
tag key could be used, for example, to define a category, and the tag value could be a item in that category.
For example, you could define a tag key of project and a tag value of Salix, indicating that the Amazon
ES domain is assigned to the Salix project. You could also use tags to designate Amazon ES domains
as being used for test or production by using a key such as environment=test or environment=production.
We recommend that you use a consistent set of tag keys to make it easier to track metadata associated
with Amazon ES domains.
Use tags to organize your AWS bill to reflect your own cost structure. To do this, sign up to get your AWS
account bill with tag key values included. Then, organize your billing information according to resources
with the same tag key values to see the cost of combined resources. For example, you can tag several
Amazon ES domains with key-value pairs, and then organize your billing information to see the total cost
for each domain across several services. For more information, see Cost Allocation and Tagging in the
AWS Billing and Cost Management documentation.
Note
Tags are cached for authorization purposes. Because of this, additions and updates to tags on
Amazon ES domains might take several minutes before they are available.
3.
4.
5.
6.
7.
Choose Submit.
To delete a tag
1.
2.
3.
4.
5.
6.
For more information about using the console to work with tags, see Working with the Tag Editor in the
AWS Management Console Getting Started Guide.
Parameter
Description
--arn
Amazon resource name for the Amazon ES domain to which the tag is attached.
--tag-list
Example
The following example creates two tags for the logs domain:
aws es add-tags --arn arn:aws:es:us-east-1:379931976431:domain/logs --tag-list
Key=service,Value=Elasticsearch Key=instances,Value=m3.2xlarge
You can remove tags from an Amazon ES domain using the remove-tags command.
Syntax
remove-tags --arn=<domain_arn> --tag-keys Key=<key>,Value=<value>
Parameter
Description
--arn
Amazon Resource Name (ARN) for the Amazon ES domain to which the
tag is attached.
--tag-keys
Set of space-separated tag keys that you want to remove from the Amazon
ES domain.
Example
The following example removes two tags from the logs domain that were created in the preceding example:
aws es remove-tags --arn arn:aws:es:us-east-1:379931976431:domain/logs --tagkeys service instances
You can view the existing tags for an Amazon ES domain with the list-tags command:
Syntax
list-tags --arn=<domain_arn>
Parameter
Description
--arn
Amazon Resource Name (ARN) for the Amazon ES domain to which the
tags are attached.
Example
The following example lists all resource tags for the logs Amazon ES domain:
aws es list-tags --arn arn:aws:es:us-east-1:379931976431:domain/logs
Streaming data provides fresh data for search and analytic queries. Amazon S3 pushes event notifications
to AWS Lambda, as described in AWS Lambda Walkthrough 2: Handling Amazon S3 Events Using the
AWS CLI (Node.js) of the AWS Lambda Developer Guide. Amazon Kinesis, however, requires AWS
Lambda to poll for, or pull, event notifications, as described in AWS Lambda Walkthrough 4: Processing
Events from an Amazon Kinesis Stream Using the AWS CLI (Node.js). You should be familiar with these
service integrations before attempting to use them to load streaming data into your Amazon ES domain.
For more information about these services, see the following AWS documentation:
AWS Lambda Developer Guide
Amazon S3 Developer Guide
Amazon Kinesis Developer Guide
Amazon DynamoDB Developer Guide
Amazon CloudWatch Developer Guide
Note
AWS Lambda is available for the following regions: us-east-1, us-west-2, eu-west-1, and
ap-northeast-1.
Description
Amazon S3 Bucket
The event source that triggers your Lambda function. For more information,
see Create a Bucket in the Amazon Simple Storage Service Getting Started
Guide . The bucket must reside in the same AWS region as your Amazon
ES domain.
Amazon ES Domain
The destination for data after it is processed by the application code in your
Lambda function. For more information, see Creating Amazon ES Domains (p. 15) in this guide.
Lambda Function
The Java or Node.js application code that runs when S3 pushes an event
notification to Lambda. Amazon ES provides a sample application in Node.js,
s3_lambda_es.js, that you can download to get started: Lambda Sample
Code for Amazon ES.
Lambda Deployment
Package
A .zip file consisting of your Java or Node.js application code and any dependencies. For information about the required folder hierarchy, see Creating a
Deployment Package (p. 57) in this guide. For general information about
creating Lambda deployment packages, see Create a Lambda Function Deployment Package (Node.js) and Creating a Deployment Package (Java).
Amazon ES Authorization
You can use any name for the top-level folder, rather than eslambda. However, the subfolder must
be named node_modules.
2. Place your application source code in the eslambda folder.
3. Add or edit the following four global variables:
endpoint, the Amazon ES domain endpoint
region, the AWS region in which you created your Amazon ES domain
index, the name of the Amazon ES index to use for data streamed from Amazon S3
doctype, the Amazon ES document type of the streamed data. For more information, see Mapping
Types in the Elasticsearch documentation.
The following example from the s3_lambda_es.js configures the sample application to use the
streaming-logs Amazon ES domain endpoint in the us-east-1 AWS region.
/* Globals */
var esDomain = {
endpoint: 'search-streaming-logs-okga24ftzsbz2a2hzhsqw73jpy.us-east1.es.a9.com',
region: 'us-east-1',
index: 'streaming-logs',
doctype: 'apache'
};
5. Verify that all runtime dependencies that are required by your application code are located in the
node_modules folder.
6. Execute the following command to package the application code and dependencies:
zip -r eslambda.zip *
The name of the zip file must match the top-level folder.
For more information about creating Lambda deployment packages, see Create a Lambda Function
Deployment Package (Node.js) and Creating a Deployment Package (Java).
Note
For more information about creating and configuring a Lambda function, see Getting Started:
Authoring AWS Lambda Code in Java and Getting Started: Authoring AWS Lambda Code in
Node.js.
Function Configur- Description
ation
IAM Execution Role The name of the IAM role used to execute actions on Amazon S3. While creating
your Lambda function, the Lambda console automatically opens the IAM console
to help you create the execution role. Later, you must also attach an IAM access
policy to this role that permits Lambda to add data to your Amazon ES domain.
For details, see Granting Authorization to Add Data to Your Amazon ES Domain (p. 58).
Event Source
Specify the S3 bucket as the event source for the Lambda function. For instructions, see Step 2: Configure Amazon S3 as the Event Source Using the Console
(Node.js). AWS Lambda will automatically add the necessary permissions for
Amazon S3 to invoke your Lambda function from this event source. Optionally,
specify a file suffix to filter what kinds of files trigger the Lambda function, such
as .log.
Handler
The name of the file containing the application source code, but with the .handler
file suffix. For example, if your application source code resides in a file named
s3_lambda_es.js, the handler must be configured as s3_lambda_es.handler.
For more information, see Getting Started 1: Invoking Lambda Functions from
User Applications Using the AWS Lambda Console (Node.js). Amazon ES provides
a sample application in Node.js that you can download to get started: Lambda
Sample Code for Amazon ES.
Timeout
The length of time Lambda should wait before canceling an invocation request.
The default value of three seconds is too short for the Amazon ES use case. We
recommend configuring your timeout for 10 seconds.
For more function configuration details, see Configuring a Lambda Function (p. 58) in this guide. For
general information, see the following topics in the AWS Lambda Developer Guide:
Authoring Lambda Functions in Node.js
Authoring Lambda Functions in Java
For more information about attaching IAM access policies to roles, see Tutorial: Create and Attach Your
First Customer Managed Policy in the IAM User Guide.
Description
The event source for your Lambda function. For instructions on creating
Amazon Kinesis streams, see Amazon Kinesis Streams.
Elasticsearch Domain
Lambda Function
The Java or Node.js application code that runs when Amazon S3 pushes
an event notification to Lambda. Amazon ES provides a sample application
in Node.js, kinesis_lambda_es.js, that you can download to get
started: Lambda Sample Code for Amazon ES.
Lambda Deployment Pack- A .zip file that consists of your Java or Node.js application code and any
age
dependencies. For more information about creating Lambda deployment
packages, see Create a Lambda Function Deployment Package (Node.js)
and Creating a Deployment Package (Java).
Prerequisite
Description
Amazon ES Authorization
Your integration must grant IAM access policy that permits Lambda to add
data to your Amazon ES domain. Attach this policy to the Amazon Kinesis
execution role that you create as part of your Lambda function. For details,
see Granting Authorization to Add Data to Your Amazon ES Domain (p. 58).
You can use any name for the top-level folder, rather than eslambda. However, you must name the
subfolder node_modules.
2. Place your application source code in the eslambda folder.
3. Add or edit the following global variables in your sample application:
endpoint, the Amazon ES domain endpoint
region, the AWS region in which you created your Amazon ES domain
index, the name of the Amazon ES index to use for data streamed from Amazon Kinesis
doctype, the Amazon ES document type of the streamed data. For more information, see Mapping
Types in the Elasticsearch documentation.
The following example from the kinesis_lambda_es.js configures the sample application to use
the streaming-logs Amazon ES domain endpoint in the us-east-1 AWS region.
/* Globals */
var esDomain = {
endpoint: 'search-streaming-logs-okga24ftzsbz2a2hzhsqw73jpy.us-east1.es.a9.com',
region: 'us-east-1',
index: 'streaming-logs',
doctype: 'apache'
};
For example, if you are using Node.js, you must execute the following command for each require
statement in your application code:
npm install <dependency>
5. Verify that all runtime dependencies that are required by your application code are located in the
node_modules folder.
6. Execute the following command to package the application code and dependencies:
zip -r eslambda.zip *
The name of the zip file must match the top-level folder.
For more information about creating Lambda deployment packages, see Create a Lambda Function
Deployment Package (Node.js) and Creating a Deployment Package (Java).
Note
For more information about creating and configuring a Lambda function, see Getting Started:
Authoring AWS Lambda Code in Java and Getting Started: Authoring AWS Lambda Code in
Node.js.
Configuration
Description
Amazon Kinesis
stream
The event source of your Lambda Function. For instructions, see Amazon Kinesis
Streams.
The name of the IAM role used to execute actions on Amazon Kinesis. While
configuring your Lambda function, the Lambda console automatically opens the
IAM console to help you create the execution role. Later, you must also attach
an IAM access policy to this role that permits Lambda to send data to your Amazon
ES domain. You must also attach an IAM access policy to this role that permits
Lambda to send data to your Amazon ES domain. For details, see Granting Authorization to Add Data to Your Amazon ES Domain (p. 62).
Handler
The name of the file that contains the application source code, but with the
.handler file suffix. For example, if your application source code resides in a
file named kinesis_lambda_es.js, the handler must be configured as kinesis_lambda_es.handler. For more information, see Getting Started 1: Invoking
Lambda Functions from User Applications Using the AWS Lambda Console
(Node.js). Amazon ES provides a sample application in Node.js that you can
download to get started: Lambda Sample Code for Amazon ES.
Timeout
The length of time Lambda should wait before canceling an invocation request.
The default value of three seconds is too short for this use case. We recommend
configuring your timeout for 10 seconds.
For more information, see the following topics in the AWS Lambda Developer Guide:
For more information about attaching IAM access policies to roles, see Tutorial: Create and Attach Your
First Customer Managed Policy in the IAM User Guide.
/_cluster/stats
/_percolate
/_aliases
/_count
/_refresh
/_all
/_flush
/_search
/_analyze
/_mapping
/_snapshot
/_bulk
/_mget
/_stats
/_cat
/_msearch
/_status
/_cluster/health
/_nodes
/_template
For more information about Elasticsearch features, see the Elasticsearch documentation.
Note
The /_cluster/settings operation does not support the HTTP GET method. You can set
three cluster settings, but cannot retrieve them. For more information about using
/_cluster/settings to set JVM-based memory breakers for Amazon ES, see JVM
OutOfMemory Error (p. 66) in this guide. For more information about the three supported cluster
settings, see Cluster Update Settings and Field Data in the Elasticsearch documentation.
Note
The Nodes metric is not accurate during changes to your cluster configuration and during routine
maintenance for the service. This is expected behavior. The metric will soon report the correct
number of cluster nodes.
You can protect your clusters from unexpected node terminations and restarts by creating at least one
replica for each index in your Amazon ES domain. For more information, see Shards and Replicas in the
Elasticsearch documentation.
Description
Recovery
JVMMemoryPressure
CPUUtilization
Specifies the percentage of CPU resources used for data nodes in the
cluster. View the Maximum statistic for
this metric and look for a continuous
pattern of high usage.
Nodes
JVM OutOfMemoryError
A JVM OutOfMemoryError typically indicates that one of the following JVM circuit breakers was reached.
Circuit Breaker
Description
Parent Breaker
Request Breaker
Note
The /_cluster/settings operation does not support the HTTP GET method. You can set
three cluster settings, but cannot retrieve them.
Troubleshooting
The following sections offer solutions to common problems that you might encounter when you use
services and products that integrate with Amazon Elasticsearch Service:
Kibana: I cannot sign AWS service requests to the Kibana service endpoint. (p. 67)
Kibana: I don't see the indices for my Elasticsearch domain in Kibana 4. (p. 68)
Kibana: I get a browser error when I use Kibana to view my data. (p. 69)
Integrations: I don't see a service role for Amazon ES in the IAM console. (p. 70)
For information about service-specific errors, see Handling Service Errors (p. 64) in this guide.
If the Kibana host is behind a firewall, configure the Kibana endpoint to accept
anonymous requests from the IP address of the firewall. Use CIDR notation
if you need to specify a range of IP addresses.
Amazon VPC supports NAT gateways. When you create a NAT gateway, you
must specify an Elastic IP address to associate with the gateway. The NAT
gateway sends traffic to the public Internet gateway using the Elastic IP address
as the source IP address. Specify this Elastic IP address in the access policy
for Kibana to allow all requests from the gateway. For more information, see
NAT Gateway Basics and Creating a NAT Gateway in the http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/.
Examples
The following example is an anonymous, IP-based access policy that specifies a range of IP addresses
and an 18-bit routing prefix:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": "es:*",
"Resource": "arn:aws:es:us-west-2:123456789012:domain/mydomain/_plu
gin/kibana",
"Condition": {
"IpAddress": {
"aws:SourceIp": "192.240.192.0/18"
}
}
}
]
}
The following example specifies anonymous access from the Elastic IP address associated with a NAT
gateway:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": "es:*",
"Resource": "arn:aws:es:us-west-2:123456789012:domain/mydomain/_plu
gin/kibana",
"Condition": {
"IpAddress": {
"aws:SourceIp": "198.51.100.4"
}
}
}
]
}
to first specify an index name or pattern that matches the name of an index in your Amazon ES domain.
For example, if your Amazon ES domain contains an index named movies-2013, any of the following
patterns would match this index:
movies-2013
movies-*
mov*
You can configure visualizations for the data in your Amazon ES domain index after you specify the index
name or pattern. You can find the names of your domain indices on the Indices tab in the Amazon
Elasticsearch Service console. For more information about using Kibana 4, see the Kibana User Guide.
Tip
Amazon ES also supports Kibana 3, so you can configure access to that version of the tool if
you prefer to use it. Specify /_plugin/kibana3 as the resource in your access policy rather
than /_plugin/kibana. After the service finishes processing the configuration change, you
can access Kibana 3 by manually editing the Kibana service endpoint provided in the Amazon
ES console. For example, if the console indicates that your Kibana endpoint is
mydomain-6w5y8xjt5ydwsrubmdk4m5kcpa.us-west-2.es.amazonaws.com/_plugin/kibana/,
point your browser to
mydomain-6w5y8xjt5ydwsrubmdk4m5kcpa.us-west-2.es.amazonaws.com/_plugin/kibana3/
instead.
Potential Cause
Workaround
Potential Cause
Workaround
3.
For step-by-step procedures, see Loading Streaming Data into Amazon ES from Amazon S3 (p. 56) and
Loading Streaming Data into Amazon ES from Amazon Kinesis (p. 59) in this guide.
Actions
The following table provides a quick reference to the HTTP method required for each action for the REST
interface to the Amazon ES Configuration API. The description of each action also includes the required
HTTP method.
Note
All configuration service requests must be signed. For more information, see Signing Amazon
Elasticsearch Service Requests (p. 51) in this guide and Signature Version 4 Signing Process
in the AWS General Reference.
Action
HTTP Method
POST
POST
DELETE
GET
POST
GET
Action
HTTP Method
GET
GET
POST
POST
AddTags
Attaches resource tags to an Amazon ES domain. Use the POST HTTP method with this action. For more
information, see Tagging Amazon ES Domains (p. 52).
Syntax
POST /2015-01-01/tags
{
"ARN": "<DOMAIN_ARN>",
"TagList": [
{
"Key": "<TAG_KEY>",
"Value": "<TAG_VALUE>"
}
]
}
Request Parameters
This operation does not use request parameters.
Request Body
Parameter
Data Type
Required?
Description
TagList
Yes
ARN
Yes
Response Elements
Not applicable. The AddTags action does not return a data structure.
Errors
The AddTags action can return any of the following errors:
BaseException (p. 99)
API Version 2015-01-01
72
Example
The following example attaches a single resource tag with a tag key of project to the logs Amazon
ES domain:
Request
POST /2015-01-01/tags
{
"ARN": "<DOMAIN_ARN>",
"TagList": [
{
"Key": "project",
"Value": "trident"
}
]
}
Response
HTTP/1.1 200 OK
x-amzn-RequestId: 5a6a5790-536c-11e5-9cd2-b36dbf43d89e
Content-Type: application/json
Content-Length: 0
Date: Sat, 05 Sep 2015 01:20:55 GMT
CreateElasticsearchDomain
Creates a new Amazon ES domain. Use the HTTP POST method with this action. For more information,
see Creating Amazon ES Domains in the Amazon Elasticsearch Service Developer Guide Developer
Guide.
Syntax
POST /2015-01-01/es/domain
{
"DomainName": "<DOMAIN_NAME>",
"ElasticsearchClusterConfig": {
"InstanceType": "<INSTANCE_TYPE>",
"InstanceCount": <INSTANCE_COUNT>,
"DedicatedMasterEnabled": "<TRUE|FALSE>",
"DedicatedMasterCount": <INSTANCE_COUNT>,
"DedicatedMasterType": "<INSTANCE_TYPE>",
"ZoneAwarenessEnabled": "<TRUE|FALSE>"
},
"EBSOptions": {
"EBSEnabled": "<TRUE|FALSE>",
"VolumeType": "<VOLUME_TYPE>",
"VolumeSize": "<VOLUME_SIZE>",
"Iops": "<VALUE>"
},
"AccessPolicies": "<ACCESS_POLICY_DOCUMENT>",
"SnapshotOptions": {
"AutomatedSnapshotStartHour": <START_HOUR>
},
"AdvancedOptions": {
"rest.action.multi.allow_explicit_index": "<TRUE|FALSE>",
"indices.fielddata.cache.size": "<PERCENTAGE_OF_HEAP>"
}
}
Request Parameters
This operation does not use HTTP request parameters.
Request Body
Parameter
Data Type
Required?
Description
DomainName
Yes
ElasticsearchClusterConfig
ElasticsearchClusterCon- No
fig (p. 93)
EBSOptions
No
Container for the parameters required to enable EBS-based storage for an Amazon ES domain. For
more information, see Configuring
EBS-based Storage (p. 23).
AccessPolicies
String
No
SnapshotOptions
No
AdvancedOptions
No
Response Elements
Field
Data Type
Description
DomainStatus
Errors
CreateElasticsearchDomain can return any of the following errors:
Example
The following example demonstrates the following:
Creates an Amazon ES domain named streaming-logs
Configures a cluster with six instances of the m3.medium.elasticsearch instance type and three dedicated
master nodes of the same type
Enables zone awareness
Request
POST /2015-01-01/es/domain
{
"DomainName": "streaming-logs",
"ElasticsearchClusterConfig": {
"InstanceType": ""m3.medium.elasticsearch"",
"InstanceCount": 6,
"DedicatedMasterEnabled": "true",
"DedicatedMasterCount": 3,
"DedicatedMasterType": "m3.medium.elasticsearch",
"ZoneAwarenessEnabled": "true"
}
}
Response
HTTP/1.1 200 OK
x-amzn-RequestId: 30b03e92-536f-11e5-9cd2-b36dbf43d89e
Content-Type: application/json
Content-Length: 645
Date: Sat, 05 Sep 2015 01:41:15 GMT
{
"DomainStatus": {
"ARN": "arn:aws:es:us-east-1:123456789012:domain/streaming-logs",
"AccessPolicies": "",
"AdvancedOptions": {
"rest.action.multi.allow_explicit_index": "true"
},
"Created": true,
"Deleted": false,
"DomainId": "123456789012/streaming-logs",
"DomainName": "streaming-logs",
"EBSOptions": {
"EBSEnabled": false,
"Iops": null,
"VolumeSize": null,
"VolumeType": null
},
"ElasticsearchClusterConfig": {
"DedicatedMasterCount": 3,
"DedicatedMasterEnabled": true,
"DedicatedMasterType": "m3.medium.elasticsearch",
"InstanceCount": 6,
"InstanceType": "m3.medium.elasticsearch",
"ZoneAwarenessEnabled": true
},
"Endpoint": null,
"Processing": true,
"SnapshotOptions": {
"AutomatedSnapshotStartHour": 0
}
}
}
DeleteElasticsearchDomain
Deletes an Amazon ES domain and all of its data. A domain cannot be recovered after it is deleted. Use
the DELETE HTTP method with this action.
Syntax
DELETE /2015-01-01/es/domain/<DOMAIN_NAME>
Request Parameters
Parameter
Data Type
ReDescription
quired?
DomainName
Yes
Request Body
This operation does not use the HTTP request body.
API Version 2015-01-01
76
Response Elements
Field
Data Type
Description
DomainStatus
Errors
The DeleteElasticsearchDomain action can return any of the following errors:
BaseException (p. 99)
InternalException (p. 99)
ResourceNotFoundException (p. 99)
ValidationException (p. 99)
Example
The following example deletes the weblogs Amazon ES domain:
Request
DELETE /2015-01-01/es/domain/weblogs
Response
HTTP/1.1 200 OK
{
"DomainStatus": {
"ElasticsearchClusterConfig": {
"DedicatedMasterEnabled": true,
"InstanceCount": 6,
"ZoneAwarenessEnabled": true,
"DedicatedMasterType": "m3.medium.elasticsearch",
"InstanceType": "m3.medium.elasticsearch",
"DedicatedMasterCount": 3
},
"Endpoint": "search-weblogs-6qjchdvprdi2v2d2ga5apylts4.us-east1.es.a9.com",
"Created": true,
"Deleted": true,
"DomainName": "test-logs",
"EBSOptions": {
"EBSEnabled": false
},
"SnapshotOptions": {
"AutomatedSnapshotStartHour": 0
},
"DomainId": "123456789012/weblogs",
"AccessPolicies": "",
"Processing": true,
"AdvancedOptions": {
"rest.action.multi.allow_explicit_index": "true"
},
"ARN": "arn:aws:es:us-east-1:123456789012:domain/weblogs"
}
}
DescribeElasticsearchDomain
Describes the domain configuration for the specified Amazon ES domain, including the domain ID, domain
service endpoint, and domain ARN. Use the HTTP GET method with this action.
Syntax
GET /2015-01-01/es/domain/<DOMAIN_NAME>
Request Parameters
Parameter
Data Type
Required?
Description
DomainName
Yes
Name of the
Amazon ES domain that you
want to describe.
Request Body
This operation does not use the HTTP request body.
Response Elements
Field
Data Type
Description
DomainStatus
Errors
DescribeElasticsearchDomain can return any of the following errors:
Example
The following example returns a description of the streaming-logs Amazon ES domain:
Request
GET es.<AWS_DOMAIN>.amazonaws.com/2015-01-01/es/domain/streaming-logs
Response
HTTP/1.1 200 OK
{
"DomainStatus": {
"ElasticsearchClusterConfig": {
"DedicatedMasterEnabled": true,
"InstanceCount": 3,
"ZoneAwarenessEnabled": true,
"DedicatedMasterType": "m3.medium.elasticsearch",
"InstanceType": "m3.medium.elasticsearch",
"DedicatedMasterCount": 3
},
"Endpoint": "search-streaming-logs-okga24ftzsbz2a2hzhsqw73jpy.us-east1.es.a9.com",
"Created": true,
"Deleted": false,
"DomainName": "streaming-logs",
"EBSOptions": {
"EBSEnabled": false
},
"SnapshotOptions": {
"AutomatedSnapshotStartHour": 0
},
"DomainId": "123456789012/streaming-logs",
"AccessPolicies": "",
"Processing": false,
"AdvancedOptions": {
"rest.action.multi.allow_explicit_index": "true",
"indices.fielddata.cache.size": ""
},
"ARN": "arn:aws:es:us-east-1:123456789012:domain/streaming-logs"
}
}
DescribeElasticsearchDomains
Describes the domain configuration for up to five specified Amazon ES domains. Information includes
the domain ID, domain service endpoint, and domain ARN. Use the HTTP POST method with this action.
Syntax
POST /2015-01-01/es/domain-info
{
"DomainNames": [
"<DOMAIN_NAME>",
"<DOMAIN_NAME>",
]
}
Request Parameters
This operation does not use HTTP request parameters.
Request Body
Field
Data Type
ReDescription
quired?
DomainNames
Yes
Response Elements
Field
Data Type
Description
DomainStatusList
Errors
The DescribeElasticsearchDomains action can return any of the following errors:
BaseException (p. 99)
InternalException (p. 99)
ValidationException (p. 99)
Example
The following example returns a description of the logs and streaming-logs Amazon ES domains:
Request
POST es.<AWS_DOMAIN>.amazonaws.com/2015-01-01/es/domain-info/
{
"DomainNames": [
"logs",
"streaming-logs"
]
}
Response
HTTP/1.1 200 OK
{
"DomainStatusList": [
{
"ElasticsearchClusterConfig": {
"DedicatedMasterEnabled": true,
"InstanceCount": 3,
"ZoneAwarenessEnabled": true,
"DedicatedMasterType": "m3.medium.elasticsearch",
"InstanceType": "m3.medium.elasticsearch",
"DedicatedMasterCount": 3
},
"Endpoint": "search-streaming-logs-okga24ftzsbz2a2hzhsqw73jpy.useast-1.es.a9.com",
"Created": true,
"Deleted": false,
"DomainName": "streaming-logs",
"EBSOptions": {
"EBSEnabled": false
},
"SnapshotOptions": {
"AutomatedSnapshotStartHour": 0
},
"DomainId": "123456789012/streaming-logs",
"AccessPolicies": "",
"Processing": false,
"AdvancedOptions": {
"rest.action.multi.allow_explicit_index": "true",
"indices.fielddata.cache.size": ""
},
"ARN": "arn:aws:es:us-east-1:123456789012:domain/streaming-logs"
},
{
"ElasticsearchClusterConfig": {
"DedicatedMasterEnabled": true,
"InstanceCount": 1,
"ZoneAwarenessEnabled": false,
"DedicatedMasterType": "search.m3.medium",
"InstanceType": "search.m3.xlarge",
"DedicatedMasterCount": 3
},
"Endpoint": "search-logs-p5st2kbt77diuihoqi6omd7jiu.us-east1.es.a9.com",
"Created": true,
"Deleted": false,
"DomainName": "logs",
"EBSOptions": {
"Iops": 4000,
"VolumeSize": 512,
"VolumeType": "io1",
"EBSEnabled": true
},
"SnapshotOptions": {
"AutomatedSnapshotStartHour": 0
},
"DomainId": "123456789012/logs",
"AccessPolicies": "{\"Version\":\"2012-10-17\",\"State
ment\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"*\"},\"Ac
tion\":\"es:*\",\"Resource\":\"arn:aws:es:us-east-1:123456789012:do
main/logs/*\"}]}",
"Processing": false,
"AdvancedOptions": {
"rest.action.multi.allow_explicit_index": "true"
},
"ARN": "arn:aws:es:us-east-1:123456789012:domain/logs"
}
]
}
DescribeElasticsearchDomainConfig
Displays the configuration of an Amazon ES domain. Use the HTTP GET method with this action.
Syntax
GET /2015-01-01/es/domain/<DOMAIN_NAME>/config
Request Parameters
Parameter
Data Type
Required?
Description
DomainName
Yes
Request Body
This operation does not use the HTTP request body.
Response Elements
Field
Data Type
Description
DomainConfig
Errors
The DescribeElasticsearchDomainConfig action can return any of the following errors:
BaseException (p. 99)
InternalException (p. 99)
ResourceNotFoundException (p. 99)
Example
The following example returns a description of the configuration of the logs Amazon ES domain:
Request
GET es.<AWS_REGION>.amazonaws.com/2015-01-01/es/domain/logs/config
Response
HTTP/1.1 200 OK
{
"DomainConfig": {
"ElasticsearchClusterConfig": {
"Status": {
"PendingDeletion": false,
"State": "Active",
"CreationDate": 1436913638.995,
"UpdateVersion": 15,
"UpdateDate": 1437078577.8
},
"Options": {
"DedicatedMasterEnabled": true,
"InstanceCount": 1,
"ZoneAwarenessEnabled": false,
"DedicatedMasterType": "search.m3.medium",
"InstanceType": "search.m3.xlarge",
"DedicatedMasterCount": 3
}
},
"AdvancedOptions": {
"Status": {
"PendingDeletion": false,
"State": "Active",
"CreationDate": 1436913638.995,
"UpdateVersion": 6,
"UpdateDate": 1436914324.278
},
"Options": {
"rest.action.multi.allow_explicit_index": "true"
}
},
"EBSOptions": {
"Status": {
"PendingDeletion": false,
"State": "Active",
"CreationDate": 1436913638.995,
"UpdateVersion": 15,
"UpdateDate": 1437078577.8
},
"Options": {
"Iops": 4000,
"VolumeSize": 512,
"VolumeType": "io1",
"EBSEnabled": true
}
},
"AccessPolicies": {
"Status": {
"PendingDeletion": false,
"State": "Active",
"CreationDate": 1436913638.995,
"UpdateVersion": 6,
"UpdateDate": 1436914324.278
},
"Options": "{\"Version\":\"2012-10-17\",\"State
ment\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"*\"},\"Ac
tion\":\"es:*\",\"Resource\":\"arn:aws:es:us-east-1:123456789012:do
main/logs/*\"}]}"
},
"SnapshotOptions": {
"Status": {
"PendingDeletion": false,
"State": "Active",
"CreationDate": 1436913638.995,
"UpdateVersion": 6,
"UpdateDate": 1436914324.278
},
"Options": {
"AutomatedSnapshotStartHour": 0
}
}
}
}
ListTags
Displays all of the tags for an Amazon ES domain. Use the GET HTTP method with this action.
Syntax
GET /2015-01-01/tags?arn=<DOMAIN_ARN>
Request Parameters
Parameter
Data Type
Required?
Description
ARN
Yes
Request Body
This operation does not use the HTTP request body.
Response Elements
Field
Data Type
Description
TagList
Errors
The ListTags action can return any of the following errors:
BaseException (p. 99)
API Version 2015-01-01
84
Example
The following example lists the tags attached to the logs Amazon ES domain:
Request
GET es.<AWS_REGION>.amazonaws.com/2015-01-01/tags?arn=aws:es:us-east1:123456789012:domain/logs/
Response
HTTP/1.1 200 OK
{
"TagList": [
{
"Key": "Environment",
"Value": "MacOS"
},
{
"Key": "project",
"Value": "trident"
}
]
}
RemoveTags
Removes the specified resource tags from an Amazon ES domain. Use the POST HTTP method with this
action.
Syntax
POST es.<AWS_REGION>.amazonaws.com/2015-01-01/tags-removal
{
"ARN": "<DOMAIN_ARN>",
"TagKeys": [
"<TAG_KEY>",
"<TAG_KEY>",
...
]
}
Request Parameters
This operation does not use HTTP request parameters.
Request Body
Parameter
Data Type
Required?
Description
ARN
Yes
TagKeys
Yes
Response Elements
Not applicable. The RemoveTags action does not return a response element.
Errors
The RemoveTags action can return any of the following errors:
BaseException (p. 99)
ValidationException (p. 99)
InternalException (p. 99)
Example
The following example deletes a resource tag with a tag key of project from the Elasticsearch domain:
Request
POST /2015-01-01/tags-removal
{
"ARN": "<DOMAIN_ARN>",
"TagKeys": [
"project"
]
}
UpdateElasticsearchDomainConfig
Modifies the configuration of an Amazon ES domain, such as the instance type and the number of
instances. Use the POST HTTP method with this action.
Syntax
POST /2015-01-01/es/domain/<DOMAIN_NAME>/config
{
"ElasticsearchClusterConfig": {
"InstanceType": "<INSTANCE_TYPE>",
"Instance_Count": <INSTANCE_COUNT>,
"DedicatedMasterEnabled": "<TRUE|FALSE>",
"DedicatedMasterCount": <INSTANCE_COUNT>,
"DedicatedMasterType": "<INSTANCE_COUNT>",
"ZoneAwarenessEnabled": "<TRUE|FALSE>"
},
"EBSOptions": {
"EBSEnabled": "<TRUE|FALSE>",
"VolumeType": "<VOLUME_TYPE>",
"VolumeSize": "<VOLUME_SIZE>",
"Iops": "<VALUE>"
},
"AccessPolicies": "<ACCESS_POLICY_DOCUMENT>",
"SnapshotOptions": {
"AutomatedSnapshotStartHour": <START_HOUR>,
"AdvancedOptions": {
"rest.action.multi.allow_explicit_index": "<TRUE|FALSE>",
"indices.fielddata.cache.size": "<PERCENTAGE_OF_HEAP>"
}
}
Request Parameters
This operation does not use HTTP request parameters.
Request Body
Parameter
Data Type
ReDescription
quired?
DomainName
Yes
ElasticsearchClusterConfig
ElasticsearchClusterCon- No
fig (p. 93)
Desired changes to the cluster configuration, such as the instance type and
number of EC2 instances.
EBSOptions
No
SnapshotOptions
No
Parameter
Data Type
ReDescription
quired?
AdvancedOptions
No
AccessPolicies
String
No
Response Elements
Field
Data Type
Description
DomainConfig
String
Errors
UpdateElasticsearchDomainConfig can return any of the following errors:
Example
The following example configures the daily automatic snapshot for the streaming-logs Amazon ES
domain to occur during the hour starting at 3:00 AM GMT:
API Version 2015-01-01
88
Request
POST es.<AWS_REGION>.amazonaws.com/2015-01-01/es/domain/streaming-logs/config
{
"SnapshotOptions": {
"AutomatedSnapshotStartHour": 3
}
}
Response
{
"DomainConfig": {
"AccessPolicies": {
"Options": "",
"Status": {
"CreationDate": 1441929121.098,
"PendingDeletion": false,
"State": "Active",
"UpdateDate": 1441929121.098,
"UpdateVersion": 22
}
},
"AdvancedOptions": {
"Options": {
"indices.fielddata.cache.size": "",
"rest.action.multi.allow_explicit_index": "true"
},
"Status": {
"CreationDate": 1441230557.921,
"PendingDeletion": false,
"State": "Active",
"UpdateDate": 1441231536.923,
"UpdateVersion": 19
}
},
"EBSOptions": {
"Options": {
"EBSEnabled": false,
"Iops": null,
"VolumeSize": null,
"VolumeType": null
},
"Status": {
"CreationDate": 1440706652.618,
"PendingDeletion": false,
"State": "Active",
"UpdateDate": 1440707401.259,
"UpdateVersion": 6
}
},
"ElasticsearchClusterConfig": {
"Options": {
"DedicatedMasterCount": 3,
"DedicatedMasterEnabled": true,
"DedicatedMasterType": "m3.medium.elasticsearch",
"InstanceCount": 3,
"InstanceType": "m3.medium.elasticsearch",
"ZoneAwarenessEnabled": true
},
"Status": {
"CreationDate": 1440706652.618,
"PendingDeletion": false,
"State": "Active",
"UpdateDate": 1441231536.923,
"UpdateVersion": 19
}
},
"SnapshotOptions": {
"Options": {
"AutomatedSnapshotStartHour": 3
},
"Status": {
"CreationDate": 1440706652.618,
"PendingDeletion": false,
"State": "Active",
"UpdateDate": 1441929119.716,
"UpdateVersion": 22
}
}
}
}
Data Types
This section describes the data types used by the REST Configuration API.
AdvancedOptions
Key-value string pairs to specify advanced Elasticsearch configuration options.
Field
Data Type
Description
Specifies whether explicit references to indices
are allowed inside the
body of HTTP requests.
If you want to configure
access policies for domain sub-resources,
such as specific indices
and domain APIs, you
must disable this property. For more information, see URL-based
Access Control. For
more information about
access policies for subresources, see Configuring Access
Policies (p. 26).
Field
Data Type
Description
indices.fielddata.cache.size
indices.fielddata.cache.size=<percentage_of_heap>
AdvancedOptionsStatus
Status of an update to advanced configuration options for an Elasticsearch domain.
Field
Data Type
Description
Options
Status
ARN
Field
Data Type
Description
ARN
String
CreateElasticsearchDomainRequest
Container for the parameters required by the CreateElasticsearchDomain service operation.
Field
Data Type
Description
DomainName
ElasticsearchCluster- ElasticsearchClusterConfig
Config (p. 93)
EBSOptions
Field
Data Type
Description
AccessPolicies
String
SnapshotOptions
AdvancedOptions
DomainID
Data Type
Description
String
DomainName
Name of an Amazon ES domain.
Data Type
Description
String
DomainNameList
String of Amazon ES domain names.
Data Type
Description
String Array
EBSOptions
Container for the parameters required to enable EBS-based storage for an Amazon ES domain. For more
information, see Configuring EBS-based Storage (p. 23).
Field
Data Type
Description
EBSEnabled
Boolean
VolumeType
String
VolumeSize
String
Iops
String
ElasticsearchClusterConfig
Container for the cluster configuration of an Amazon ES domain.
Field
Data Type
Description
InstanceType
String
InstanceCount
Integer
DedicatedMasterEnabled
Boolean
Indicates whether dedicated master nodes are enabled for the cluster. True if the cluster will use a
dedicated master node. False if the cluster will not.
For more information, see About Dedicated Master
Nodes (p. 34).
DedicatedMasterType
String
DedicatedMasterCount
Integer
ZoneAwarenessEnabled
Boolean
ElasticsearchDomainConfig
Container for the configuration of an Amazon ES domain.
Field
Data Type
Description
ElasticsearchClusterConfig
EBSOptions
AccessPolicies
String
SnapshotOptions
AdvancedOptions
ElasticsearchDomainStatus
Container for the contents of a DomainStatus data structure.
Field
Data Type
Description
DomainID
DomainName
ARN
Created
Boolean
Deleted
Boolean
Endpoint
Processing
Boolean
ElasticsearchClusterCon- ElasticsearchClusterConfig
fig (p. 93)
Field
Data Type
Description
EBSOptions
Container for the parameters required to enable EBS-based storage for an Amazon ES domain.
For more information, see Configuring EBS-based Storage (p. 23).
AccessPolicies
String
SnapshotOptions
AdvancedOptions
ElasticsearchDomainStatusList
List that contains the status of each specified Amazon ES domain.
Field
Data Type
Description
DomainStatusList
OptionState
State of an update to advanced options for an Elasticsearch domain.
Field
Data Type
Description
OptionStatus
String
OptionStatus
Status of an update to configuration options for an Elasticsearch domain.
Field
Data Type
Description
CreationDate
Timestamp
UpdateDate
Timestamp
UpdateVersion
Integer
Whole number that specifies the latest version for the entity
State
PendingDeletion
Boolean
ServiceURL
Domain-specific endpoint used to submit index, search, and data upload requests to an Amazon ES
domain.
Field
Data Type
Description
ServiceURL
String
SnapshotOptions
Container for parameters required to configure the time of daily automated snapshots of Elasticsearch
domain indices.
Field
Data Type
Description
AutomatedSnapshotStartHour
Integer
SnapshotOptionsStatus
Status of an update to the configuration of the daily automated snapshot for an Elasticsearch domain.
Field
Data Type
Description
Options
Status
Tag
Field
Data Type
Description
Key
Value
TagKey
Field
Data Type
Description
Key
String
TagList
Field
Data Type
Description
Tag
Field
Data Type
Description
Value
String
TagValue
Errors
Amazon Elasticsearch Service throws the following errors:
Exception
Description
BaseException
Thrown for all service errors. Contains the HTTP status code of
the error.
ValidationException
DisabledOperationException
Thrown when the client attempts to perform an unsupported operation. Returns HTTP status code 409.
InternalException
Thrown when an error internal to the service occurs while processing a request. Returns HTTP status code 500.
InvalidTypeException
LimitExceededException
Thrown when trying to create more than the allowed number and
type of Elasticsearch domain resources and sub-resources. Returns HTTP status code 409.
ResourceNotFoundException
Limit
10
The service reserves 10% to 20 % of storage space on each instance for segment merges, logs, and other internal operations.
Cluster Resource
Limit
EBS Resource
Description
Minimum and maximum size of EBS The minimum and maximum size of an EBS volume depends
volumes
on both the specified EBS volume type and the instance type to
which it is attached.
Minimum and maximum EBS volume sizes by instance type:
t2.micro.elasticsearch, t2.small.elasticsearch,
t2.medium.elasticsearch
Minimum: 10 GB; Maximum: 35 GB for each data node
Amazon ES Resource
Limit
bootstrap.mlockall
The service enables bootstrap.mlockall in elasticsearch.yml, which locks JVM memory and prevents the operating system from swapping it to disk, for all supported instance
types except the following:
t2.micro.elasticsearch
t2.small.elasticsearch
t2.medium.elasticsearch
Amazon ES Resource
Limit
Custom plugins
ES_HEAP_SIZE environment variable The service limits Amazon ES Java processes to a heap size of
32 GB.
Scripting module
Logstash Resource
Limit
Output plugins
The service supports two output plugins: the standard elasticsearch plugin and the logstash-output-amazon-es plugin provided
by Amazon ES, which signs and exports Logstash events to
Amazon Elasticsearch Service.
Region Resource
Limit
sa-east-1 region
The service does not support any i2 and r3 instance types in the
sa-east-1 region.
Limit
Maximum size of HTTP request pay- Each supported instance type has a maximum supported payload
loads
for HTTP requests:
t2.micro.elasticsearch: 10 MB
t2.small.elasticsearch: 10 MB
t2.medium.elasticsearch: 10 MB
m3.medium.elasticsearch: 10 MB
m3.large.elasticsearch: 10 MB
m3.xlarge.elasticsearch: 100 MB
m3.2xlarge.elasticsearch: 100 MB
r3.large.elasticsearch: 100 MB
r3.xlarge.elasticsearch: 100 MB
r3.2xlarge.elasticsearch: 100 MB
r3.4xlarge.elasticsearch: 100 MB
r3.8xlarge.elasticsearch: 100 MB
i2.xlarge.elasticsearch: 100 MB
i2.2xlarge.elasticsearch: 100 MB
Parameters in HTTP POST requests The service ignores parameters passed in URLs for HTTP POST
requests signed with Signature Version 4.
TCP transport
The service supports HTTP on port 80, but does not support
TCP transport.
Change
Description
Release Date
1 October
2015
AWS Glossary
For the latest AWS terminology, see the AWS Glossary in the AWS General Reference.